Recent Comments

Tags

27 October 2016

Business risk intelligence firm FlashPoint has put out a preliminary analysis of last week’s massive denial of service attack against Dyn DNS, and its conclusion is it was likely the work of amateur hackers — rather than, as some had posited, state-sponsored actors perhaps funded by the Russian government.

The DDoS attack against Dyn’s domain name system impacted access to a range of sites in parts of the U.S. last Friday, including PayPal, Twitter, Reddit, GitHub, Amazon, Netflix, Spotify and RuneScape.

Aside from suspicion falling on Russia, various entities have also claimed or implied responsibility for the attack, including a hacking group called the New World Hackers and — bizarrely — WikiLeaks, which put out a (perhaps joke) tweet suggesting some of its supporters might be involved.

FlashPoint dubs these claims “dubious” and “likely to be false”, and instead comes down on the side of the script kiddies theory.

Its reasoning is based on a few factors, including a detail it unearthed during its investigation of the attack: namely that the infrastructure used in the attack also targeted a well-known video game company.

“While there does not appear to have been any disruption of service, the targeting of a video game company is less indicative of hacktivists, state-actors, or social justice communities, and aligns more with the hackers that frequent online hacking forums,” writes FlashPoint’s Allison Nixon, John Costello and Zach Wikholm in their analysis.

This is going to get very ugly very fast.

I might suggest that making sure that equipment manufacturers can be held liable for these sort of bone-headed vulnerabilities.